package org.bouncycastle.asn1.x509;

import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.x500.X500Name;

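/**
 * Generator for Version 3 TBSCertificateStructures.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * The generator is a mutable holder: callers set each field and then call
 * {@link #generateTBSCertificate()}. The only validation performed here is a
 * presence check on the mandatory fields. Nothing in this class checks that the
 * validity period is ordered, that the serial number is acceptable to the issuing
 * policy, or that the extensions are mutually consistent; that remains the
 * caller's responsibility before the structure is signed.
 * <p>
 * No synchronisation is performed, so an instance should not be shared between
 * threads while it is being populated.
 */
public class V3TBSCertificateGenerator
{
    // [0] EXPLICIT INTEGER 2, i.e. the encoding of version v3.
    DERTaggedObject         version = new DERTaggedObject(true, 0, new ASN1Integer(2));

    ASN1Integer             serialNumber;
    AlgorithmIdentifier     signature;
    X500Name                issuer;
    Time                    startDate, endDate;
    X500Name                subject;
    SubjectPublicKeyInfo    subjectPublicKeyInfo;
    Extensions              extensions;

    // True only while the currently configured extensions carry a critical
    // subjectAlternativeName; this is what permits a null (empty) subject.
    private boolean altNamePresentAndCritical;
    private DERBitString issuerUniqueID;
    private DERBitString subjectUniqueID;

    /**
     * Creates a generator with no fields set other than the fixed v3 version tag.
     */
    public V3TBSCertificateGenerator()
    {
    }

    /**
     * Sets the certificate serial number.
     *
     * @param serialNumber the serial number to place in the TBSCertificate.
     */
    public void setSerialNumber(
        ASN1Integer  serialNumber)
    {
        this.serialNumber = serialNumber;
    }

    /**
     * Sets the signature algorithm identifier carried inside the TBSCertificate.
     * <p>
     * NOTE(review): RFC 5280 requires this value to match the signatureAlgorithm
     * of the enclosing Certificate; this class cannot see the outer structure and
     * does not check it.
     *
     * @param signature the algorithm identifier of the signature that will cover
     *                  the generated structure.
     */
    public void setSignature(
        AlgorithmIdentifier    signature)
    {
        this.signature = signature;
    }

    /**
     * Sets the issuer from a legacy X509Name, converting it to an X500Name.
     *
     * @param issuer the issuer name.
     * @deprecated use X500Name method
     */
    public void setIssuer(
        X509Name    issuer)
    {
        this.issuer = X500Name.getInstance(issuer);
    }

    /**
     * Sets the issuer name.
     *
     * @param issuer the issuer name.
     */
    public void setIssuer(
        X500Name issuer)
    {
        this.issuer = issuer;
    }

    /**
     * Sets the notBefore date from a UTCTime value.
     * <p>
     * UTCTime carries a two-digit year; RFC 5280 expects GeneralizedTime for dates
     * in 2050 or later, for which the {@link #setStartDate(Time)} overload should
     * be used.
     *
     * @param startDate the start of the validity period.
     */
    public void setStartDate(
        DERUTCTime startDate)
    {
        this.startDate = new Time(startDate);
    }

    /**
     * Sets the notBefore date.
     *
     * @param startDate the start of the validity period.
     */
    public void setStartDate(
        Time startDate)
    {
        this.startDate = startDate;
    }

    /**
     * Sets the notAfter date from a UTCTime value.
     * <p>
     * UTCTime carries a two-digit year; RFC 5280 expects GeneralizedTime for dates
     * in 2050 or later, for which the {@link #setEndDate(Time)} overload should be
     * used.
     *
     * @param endDate the end of the validity period.
     */
    public void setEndDate(
        DERUTCTime endDate)
    {
        this.endDate = new Time(endDate);
    }

    /**
     * Sets the notAfter date.
     *
     * @param endDate the end of the validity period.
     */
    public void setEndDate(
        Time endDate)
    {
        this.endDate = endDate;
    }

    /**
     * Sets the subject from a legacy X509Name, converting it to an X500Name.
     * <p>
     * Unlike {@link #setIssuer(X509Name)}, this overload dereferences its argument
     * and therefore throws a NullPointerException when passed null.
     *
     * @param subject the subject name; must not be null.
     * @deprecated use X500Name method
     */
    public void setSubject(
        X509Name    subject)
    {
        this.subject = X500Name.getInstance(subject.toASN1Primitive());
    }

    /**
     * Sets the subject name.
     *
     * @param subject the subject name, or null to request an empty subject (only
     *                accepted at generation time when a critical
     *                subjectAlternativeName extension is configured).
     */
    public void setSubject(
        X500Name subject)
    {
        this.subject = subject;
    }

    /**
     * Sets the optional issuerUniqueID, encoded with implicit tag [1].
     *
     * @param uniqueID the issuer unique identifier, or null to omit the field.
     */
    public void setIssuerUniqueID(
        DERBitString uniqueID)
    {
        this.issuerUniqueID = uniqueID;
    }

    /**
     * Sets the optional subjectUniqueID, encoded with implicit tag [2].
     *
     * @param uniqueID the subject unique identifier, or null to omit the field.
     */
    public void setSubjectUniqueID(
        DERBitString uniqueID)
    {
        this.subjectUniqueID = uniqueID;
    }

    /**
     * Sets the subject's public key information.
     *
     * @param pubKeyInfo the subjectPublicKeyInfo to certify.
     */
    public void setSubjectPublicKeyInfo(
        SubjectPublicKeyInfo    pubKeyInfo)
    {
        this.subjectPublicKeyInfo = pubKeyInfo;
    }

    /**
     * Sets the extensions from a legacy X509Extensions object.
     *
     * @deprecated use method taking Extensions
     * @param extensions the extensions to include.
     */
    public void setExtensions(
        X509Extensions    extensions)
    {
        setExtensions(Extensions.getInstance(extensions));
    }

    /**
     * Sets the extensions and records whether they contain a critical
     * subjectAlternativeName.
     * <p>
     * The flag is recomputed on every call. It must track the extensions that will
     * actually be encoded: if it were left set after the extensions were replaced
     * or cleared, {@link #generateTBSCertificate()} would accept a null subject and
     * emit a certificate with an empty subject and no critical
     * subjectAlternativeName, which RFC 5280 section 4.1.2.6 forbids and which
     * leaves the certificate with no identity bound to the key.
     *
     * @param extensions the extensions to include, or null to omit them.
     */
    public void setExtensions(
        Extensions    extensions)
    {
        this.extensions = extensions;

        boolean criticalAltName = false;

        if (extensions != null)
        {
            Extension altName = extensions.getExtension(Extension.subjectAlternativeName);

            criticalAltName = (altName != null) && altName.isCritical();
        }

        altNamePresentAndCritical = criticalAltName;
    }

    /**
     * Assembles the configured fields into a TBSCertificate.
     * <p>
     * serialNumber, signature, issuer, startDate, endDate and subjectPublicKeyInfo
     * must all be set. subject may be left null only when the configured extensions
     * contain a critical subjectAlternativeName, in which case an empty SEQUENCE is
     * encoded in its place. Only presence is checked; field contents are encoded as
     * supplied.
     *
     * @return the unsigned TBSCertificate structure.
     * @throws IllegalStateException if a mandatory field has not been set.
     */
    public TBSCertificate generateTBSCertificate()
    {
        if ((serialNumber == null) || (signature == null)
            || (issuer == null) || (startDate == null) || (endDate == null)
            || (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
        {
            throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
        }

        ASN1EncodableVector  v = new ASN1EncodableVector();

        v.add(version);
        v.add(serialNumber);
        v.add(signature);
        v.add(issuer);

        //
        // before and after dates
        //
        ASN1EncodableVector  validity = new ASN1EncodableVector();

        validity.add(startDate);
        validity.add(endDate);

        v.add(new DERSequence(validity));

        if (subject != null)
        {
            v.add(subject);
        }
        else
        {
            // Empty subject: reachable only when a critical subjectAlternativeName
            // is configured (see the mandatory-field check above).
            v.add(new DERSequence());
        }

        v.add(subjectPublicKeyInfo);

        if (issuerUniqueID != null)
        {
            v.add(new DERTaggedObject(false, 1, issuerUniqueID));
        }

        if (subjectUniqueID != null)
        {
            v.add(new DERTaggedObject(false, 2, subjectUniqueID));
        }

        if (extensions != null)
        {
            v.add(new DERTaggedObject(true, 3, extensions));
        }

        return TBSCertificate.getInstance(new DERSequence(v));
    }
}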